by In an interesting twist, build 14393 of the WDK now enforces the use of NX non-paged pool:
buffer = ExAllocatePoolWithTag(NonPagedPool, 4096, ' RSO'); nxoptinbreak.cpp(24): warning C30030: Warning: Allocating executable POOL_TYPE memory
This is a good thing as it will force all of us lazy driver developers to finally embrace marking our allocations as NX.
Now for the bad news…If you go the tried and true route of setting POOL_NX_OPTIN to automagically convert to NX, you’ll get another, completely bogus error about allocating must succeed pool:
#define POOL_NX_OPTIN 1
#include <wdm.h>
extern "C" DRIVER_INITIALIZE DriverEntry;
extern "C"
_Use_decl_annotations_
NTSTATUS
DriverEntry(
PDRIVER_OBJECT DriverObject,
PUNICODE_STRING RegistryPath
)
{
PVOID buffer;
ExInitializeDriverRuntime(DrvRtPoolNxOptIn);
buffer = ExAllocatePoolWithTag(NonPagedPool,
4096,
' RSO');
nxoptinbreak.cpp(24): warning C28160: Error annotation: Must succeed pool
allocations are forbidden. Allocation failures cause a system crash.
Argh! Clearly something is broken, we’re in the process of reporting this issue to the WDK team for verification and will report back once we have more details. In the meantime, you might want to hold off on the upgrade if you’re using POOL_NX_OPTIN (or get ready for some weird suppressions!).
Note that specifying NonPagedPoolNx does currently provide the correct behavior, though it’s not compatible with having a single binary for both pre- and post-Win8.
OSR Open Systems Resources, Inc.
[…] So… before you grab and install the new WDK, be sure it’s what you want. Be sure you don’t mind living with the spurious CA warning we described last night. […]